How to Prevent the Next Heartbleed

4/24/2014 12:59AM

Security expert Ronald Gula of Tenable Network Security tells the WSJ's Joanne Po that a full auditing of business networks will help prevent a repeat of the Heartbleed debacle for consumers and companies alike.

This transcript has been automatically generated and may not be 100% accurate.

... the ... recently discovered the leak but underscoring the need for better or cybersecurity around the world ... and who better to talk to ... about this is Brian glut he's the ... founder and CEO of temple of network security welcome run ... thank you ... it seems I if attackers are getting much better ... much faster ... um ... our companies keeping ... they have to they have to react to these attackers ... but being prevented it ... in reacting to vulnerabilities in real time ... now ... I'm spending the money alone though will fix the problem so ... what what can companies do ... absolutely and have been doing this for twenty years every year there's been a hot product to buy ... gives the illusion of being secure ... what we need to do today though the stock companies that have to have a policy ... that policy needs to be used to figure out how much risk they actually kept ... now I've around the world is all about mobile these days and everything ... you can do your banking if you do your shopping Pringles everything on ... your mobile device is that reading more risk for consumers ... in some cases it is creating more risk because the mobile devices can be insecure ... in other cases it really helps increase your security ... because of all your data can be centralized one place such as in the cloud ... now I wanna go back to that part ... of the problem though that but that we discover ... how can consumers and companies better work together to prevent these problems from going forward absolutely so consumers need to be concerned about ... having their identity stolen having a pass for three years ... to anybody who has ... access to social media site or email that claim to be Obel the Heartbleed should be changing their passwords ... at the same time home users or things like mobile routers why Fi devices or even versions of costs to carry programs ... they may need to be patched by Heartbleed ... now looking ahead any ... can companies do this alone or ... we can start seeing regulations and government stopping and saying case you need to meet certain criteria in your base in Washington what's the buzz that ... absolutely so there's all sorts of regulations annuities figured out how to regulate ... writing secure softer and we could do that we wouldn't sell fiscal twenty years ago ... the palms a social problem ... so depending on the industry the year and there's probably a wide variety of compliance regulations can be to meet ... the bottom line though was that meeting these compliance regulations ... should not be a destination should be a stark because the hackers are always be one or two steps ahead ... of a of regulation are doing ... you work with clients all over the world ... on ... is there a comment the more ... calm and assets of problems that they're most concerned about ... her Lord organizations for large networks the common theme ... is people really have no idea how big their networks are ... and what is on it ... and because of that it becomes a very very difficult to defend ... how is Technology keeping up with a new way is hackers are ... are getting ... into the systems absolutely there's many many tolls to find these advanced attacks ... or even older tax for many years ago which are still effective ... perhaps too simple things like Pastor guessing this things happen change ... what we really need to tell people as an industry though ... is to adopt new forms of technology such as virtualization ... which can help people make defensive changes to the network much faster than before ... what is the top saying your on most worry about right now ... so I worry about people not doing anything ... we've had a lot of major instance of its past two years arriving at Berkeley ... we've had Target getting compromise ... and a lot of organization to speak with still think that they are not affected by ... that they are ... now on sale ... walk with SEO the next six months twelve months ... what are the things that you as a company ... are recommending share clients to the big thing the war recommendation is to audit uh hundred percent of your network ... typically people think or industry about vulnerabilities in the full ability some that can be fixed with the patch ... perhaps for Micra soft perhaps from Apple ... what we want people to do is on and all of their network hundred using the network ... the defenses with that network ... and when they find issue with those problems ... he would want them to fix it on a bike ... thank you Brian ...